Homeland Security Daily Open Source Infrastructure Report 5 December 2011 Top Stories
advertisement
Homeland Security Daily Open Source Infrastructure Report 5 December 2011 Top Stories • Power restoration was slowed to 400,000 customers in California, as continuing severe winds in that state and many neighboring states closed schools and flipped dozens of semitrucks. – United Press International (See item 1) • A Baltimore County, Maryland man pleaded guilty to possessions of firearms and explosives, after police found C-4, chemicals and items used to build improvised explosive devices, and several guns in his apartment. – Baltimore Sun (See item 36) Fast Jump Menu PRODUCTION INDUSTRIES • Energy • Chemical • Nuclear Reactors, Materials and Waste • Critical Manufacturing • Defense Industrial Base • Dams SUSTENANCE and HEALTH • Agriculture and Food • Water • Public Health and Healthcare SERVICE INDUSTRIES • Banking and Finance • Transportation • Postal and Shipping • Information Technology • Communications • Commercial Facilities FEDERAL and STATE • Government Facilities • Emergency Services • National Monuments and Icons Energy Sector Current Electricity Sector Threat Alert Levels: Physical: LOW, Cyber: LOW Scale: LOW, GUARDED, ELEVATED, HIGH, SEVERE [Source: ISAC for the Electricity Sector (ES-ISAC) [http://www.esisac.com] 1. December 2, United Press International – (California; Southwest) Strong winds keep 400,000 without power. Severe winds and fallen trees slowed power restoration to 400,000 customers as abnormally high Santa Ana winds blasted the Los Angeles area a third day December 2. The winds, gusting around 60 mph, were forecast to continue through midday in Los Angeles and Ventura counties in California, after reaching 97 mph December 1, the National Weather Service said. In many cities, schools were expected to be canceled for a second day December 1 due to the fierce winds, which -1- gusted to more than 80 mph overnight. The storm, which produced some of the strongest wind gusts in the region in more than a decade, was caused by a highly unusual weather system. The blustery conditions extended across the Southwest, including Utah, Nevada, Wyoming, Arizona, and New Mexico. In some places, wind gusts topped 100 mph. Source: http://www.upi.com/Top_News/US/2011/12/02/Strong-winds-keep-400000without-power/UPI-62111322818200/ 2. December 1, United Press International – (National) Satellite gives good news on air pollution. An instrument on a NASA satellite has confirmed major reductions in air pollution by coal power plants in the eastern United States, researchers said. The Ozone Monitoring Instrument on the Aura satellite saw reductions in sulfur dioxide, a key air pollutant that contributes to the formation of acid rain and can cause serious health problems, a NASA release said December 1. About two-thirds of sulfur dioxide pollution in American air comes from coal power plants, the agency said. The new measurements demonstrate scientists can use satellites to measure levels of harmful emissions throughout the world, even in regions without adequate ground monitoring systems, researchers said. Scientists said the decline in sulfur dioxide can be traced to the Clean Air Interstate Rule of 2005 enacted by the U.S. Environmental Protection Agency that called for deep cuts in sulfur dioxide emissions. Source: http://www.upi.com/Science_News/2011/12/01/Satellite-gives-good-news-onair-pollution/UPI-39771322777569/ For more stories, see items 14 and 21 [Return to top] Chemical Industry Sector 3. December 2, KOLN 10 Lincoln – (Nebraska) HazMat team responds to chlorine gas leak in Lincoln. After several hours, Lincoln Fire and Rescue (LFR) cleaned up a chlorine gas leak at a Lincoln, Nebraska mill. The LFR battalion chief said the department was called to the ADM Mill near 6th and South streets just after 9 p.m. December 1. She said the leak sparked a full haz-mat team response. Crews shut off the tank and stopped the leak by about 1 a.m. December 2, the battalion chief said. There was no threat to the community from the leak. Source: http://www.1011now.com/home/headlines/HazMat_Team_Responds_to_Clorine_Spill _in_Lincoln_134894623.html 4. December 1, Tacoma News Tribune – (Washington) State ecology fines BNSF $3k for hazardous February spill at Chambers Bay in University Place; says responders were put in jeopardy. The Washington Department of Ecology fined BNSF Railway $3,000 for spilling 150 gallons of liquid sodium hydroxide in a Pierce County derailment last February. On February 26, 13 rail cars derailed near Chambers Bay Golf Course in University Place. Four of the 15,000-gallon capacity derailed cars were fully loaded with 50 percent sodium hydroxide solution, the department said in a press -2- release December 1. Sodium hydroxide, which is also called lye or caustic soda, is a highly corrosive chemical, the department stated. The material is used in the production of pulp and paper, textiles, soaps and detergents, and is also used as a drain cleaner. Three of the cars landed on the Puget Sound shoreline, with one spilling 50 gallons of chemical on the beach. The department noted the spill area was washed by several tidal cycles before the offending car was removed after 4 days. On March 1, another 100 gallons of sodium hydroxide spilled when equipment operators lost control of a damaged rail car as it was being removed. Along with the fine, the department billed BNSF $6,370 to reimburse the state for its costs in responding to the incident. The department noted a lack of coordination with emergency responders that put crews in jeopardy. The company has been asked to submit a report describing how the railway will better coordinate with incident responders during the spill of hazardous materials. Source: http://blog.thenewstribune.com/business/2011/12/01/state-ecology-fines-bnsf3k-for-hazardous-february-spill-at-chambers-bay-in-university-place-says-responderswere-put-in-jeopardy/ 5. December 1, U.S. Department of Labor – (Rhode Island) U.S. Labor Department's OSHA proposes $72,900 in fines for East Boston, Mass., painting contractor for violations at North Kingstown, R.I., shipyard. A Boston painting contractor faces $72,900 in fines from the U.S. Occupational Safety and Health Administration (OSHA) after one of its employees lost consciousness while working in a confined space in a North Kingstown, Rhode Island shipyard. AMEX Inc. was cited for 13 alleged violations of workplace safety standards after the May 26 incident at the Senesco Marine LLC shipyard. The employee was overcome by vapors while spray painting inside a tugboat and had to be rescued by the North Kingstown Fire Department. The work area was a confined space and the inspection by the OSHA found Amex failed to institute and follow all required precautions. Specifically, it found AMEX did not adequately check for hazardous conditions inside the confined space, did not test the atmosphere for toxic or flammable vapors before the worker entered, and did not provide confined space training. Also, AMEX failed to supply workers with the proper respiratory protection, appropriate respirator fit-testing, and intrinsically safe ventilation equipment. As a result, the OSHA cited 12 serious violations. A serious violation occurs when there is substantial probability that death or serious physical harm could result from a hazard about which the employer knew or should have known. Source: http://www.osha.gov/pls/oshaweb/owadisp.show_document?p_table=NEWS_RELEAS ES&p_id=21447 For more stories, see items 6, 15, and 20 [Return to top] Nuclear Reactors, Materials and Waste Sector Nothing to report -3- [Return to top] Critical Manufacturing Sector 6. December 2, Associated Press – (International) Honda recalls 304,000 vehicles worldwide for air-bag problem. Honda Motor Co. December 2 announced a recall of 304,000 vehicles globally for air-bags that may inflate with too much pressure in a crash, send metal and plastic pieces flying, and cause injuries or deaths. Honda said there have been 20 accidents so far related to this problem, including two deaths in the United States in 2009. The recall affects 273,000 Accord, Civic, Odyssey, Pilot, CR-V, and other models in the U.S., manufactured in 2001 and 2002. The latest recall is an expansion of recalls for the same problem in 2008, 2009, and 2010. A Honda spokesman said the cause for the latest recall was the use of incorrect material in the chemical used to deploy air bags. Source: http://www.huffingtonpost.com/2011/12/02/honda-recallsairbags_n_1124859.html 7. December 1, U.S. Department of Labor – (Rhode Island) U.S. Labor Department's OSHA cites North Kingstown, RI, shipyard for repeat and serious safety hazards, proposes more than $62,000 in fines. The U.S. Department of Labor's Occupational Safety and Health Administration December 1 cited Senesco Marine LLC for alleged serious and repeat violations of workplace safety standards. The North Kingstown, Rhode Island, shipyard faces a total of $62,700 in proposed fines for eight serious and one repeat violation due to mechanical, electrical, and exit hazards at the shipyard. The shipyard manufactures fuel and chemical barges and tugboats, as well as offering ship repair services. Source: http://www.osha.gov/pls/oshaweb/owadisp.show_document?p_table=NEWS_RELEAS ES&p_id=21453 8. November 30, U.S. Department of Transportation – (National) NHTSA recall notice Toyota Sienna incorrect vehicle load labels. Toyota announced a recall November 20 of 210,000 model year 2011 through 2012 Sienna vehicles for failing to comply with the requirement for displaying the correct vehicle capacity weight as the rated load for the combination of cargo and occupants. Incorrect information on the vehicle placard may lead to tire overloading and possibly cause tire failure increasing the risk of a crash. Toyota will mail out a corrected placard to customers along with revised owner manual information. Source: http://wwwodi.nhtsa.dot.gov/recalls/recallresults.cfm?start=1&SearchType=QuickSearch&rcl_ID= 11V560000&summary=true&prod_id=975778&PrintVersion=YES [Return to top] Defense Industrial Base Sector Nothing to report -4- [Return to top] Banking and Finance Sector 9. December 2, WYMT 12 Hazard – (Kentucky; Tennessee) Police: 'Bad Hair Bandit' strikes again. Police said a man came into the L&N Credit Union inside a Walmart in Williamsburg, Kentucky and robbed it at gunpoint December 1. Now, police think the so-called "Bad Hair Bandit" is responsible, a man already tied to six bank robberies in Kentucky, and Tennessee. Police said the suspect showed a semi-automatic weapon and walked away with an undisclosed amount of money. Since June, the "Bad Hair Bandit" has hit two banks in Barbourville, two in Tennessee, one in McCreary County, and one in Corbin. A police assistant chief said the department had guarded against a possible strike by the "Bad Hair Bandit," at other locations, but did not expect the suspect to target this bank inside a busy Walmart store. "This was high risk with several people around," he said. Source: http://www.wkyt.com/wymtnews/headlines/Bad_Hair_Bandit_strikes_again_13488306 3.html 10. December 1, U.S. Securities and Exchange Commission – (National) SEC charges multiple hedge fund managers with fraud in inquiry targeting suspicious investment returns. As part of an initiative to combat hedge fund fraud by identifying abnormal investment performance, the Securities and Exchange Commission (SEC) December 1 announced enforcement actions against three separate advisory firms and six individuals for various misconduct, including improper use of fund assets, fraudulent valuations, and misrepresenting fund returns. In particular, the SEC alleges the firms and managers engaged in a wide variety of illegal practices in the management of hedge funds or private pooled investment vehicles, including fraudulent valuation of portfolio holdings, misuse of fund assets, and misrepresentations to investors about critical attributes such as performance, assets, liquidity, investment strategy, valuation procedures, and conflicts of interest. In one case, the SEC charged two individuals for engaging in a fraudulent scheme to overvalue the reported returns and net asset value of the Millennium Global Emerging Credit Fund. The complaint alleges the fund’s former portfolio manager schemed with two European-based brokers to inflate the fund’s reported monthly returns and net asset value by manipulating its supposedly independent valuation process. The scheme caused the fund to drastically overvalue security holdings by as much as $163 million in August 2008. By overstating the fund’s returns and overall net asset value, the manager was able to attract at least $410 million in new investments, deter about $230 million in eligible redemptions, and generate millions of dollars in inflated management and performance fees. The other actions were brought against ThinkStrategy Capital Management and its sole director, Solaris Management LLC and its owner, and LeadDog Capital Markets LLC and its general partners and owners. Source: http://www.sec.gov/news/press/2011/2011-252.htm -5- 11. December 1, U.S. Securities and Exchange Commission – (National) SEC, U.S. attorney and FBI announce 13 charged in connection with securities kickback schemes. The Securities and Exchange Commission (SEC), U.S. Attorney for the District of Massachusetts, and FBI December 1 announced parallel cases filed in federal court against many corporate officers, lawyers, and a stock promoter alleging they used kickbacks and other schemes to trigger investments in various thinly traded stocks. The case charged 13 defendants who engaged in criminal activity in the midst of an undercover FBI operation. According to the charges, the schemes involved secret kickbacks to an investment fund representative in exchange for having the fund buy stock in certain companies; the kickbacks were to be concealed through the use of sham consulting agreements. What the insiders and promoters did not know was the purported investment fund representative was actually an undercover agent. The defendants include two individuals who were in the business of finding capital for emerging companies. The civil case names some of the individuals who were charged criminally, and the SEC also issued trading suspensions in the stocks of many of the companies involved. The charges follow a year-long investigation focusing on preventing fraud in micro-cap stock markets. The SEC suspended trading in seven microcap firms: 1st Global Financial Inc., Augrid Global Holdings Corp., ComCam International, Inc., MicroHoldings US, Inc., Outfront Companies, Symbollon Corp./Symbollon Pharmaceuticals, Inc., and ZipGlobal Holdings Inc. MicroHoldings and ZipGlobal are also charged civilly by the SEC with fraud. The SEC also filed civil charges of securities fraud against four of the defendants alleging they defrauded investors through the use of kickbacks in financing transactions. Source: http://www.sec.gov/news/press/2011/2011-251.htm 12. December 1, Miami Herald – (Florida) Two more Scott Rothstein associates charged in massive scam. Two employees of a convicted Ponzi schemer's Fort Lauderdale, Florida law firm were charged December 1 with offenses related to his $1.2 billion investment scam that collapsed 2 years ago, according to the U.S. attorney’s office. One employee was charged in federal court with conspiring with the Ponzi schemer by falsifying the law firm’s trust account records that it held at Toronto Dominion Bank. The second employee was charged with conspiring with the head of the firm and other employees in an election scheme to donate more than $1 million to a presidential campaign and Republican political committees in 2008. The charges against the two administrative assistants bring the total number of employees and others prosecuted in the massive scheme to eight, including the head of the firm. He is serving a 50-year sentence on racketeering, fraud, and money-laundering convictions. Source: http://www.miamiherald.com/2011/12/01/2526684/two-more-scott-rothsteinassociates.html For another story, see item 34 [Return to top] -6- Transportation Sector 13. December 2, Chicago Tribune – (Illinois) Metra delays, traffic closures end after freight train derailment. A freight train derailed on a viaduct at 47th Street and Archer Avenue in Chicago, the morning of December 2, delaying Metra trains on the Heritage Corridor line, and blocking traffic. WGN 9 Chicago video showed about a half dozen derailed freight cars, with one car leaning over the overpass. The leaning car bore the markings of the intermodal transportation company J.B. Hunt. Metra did not anticipate afternoon delays, and the intersection of 47th and Archer reopened by a little after noon, officials said. The cars were carrying office supplies, a Chicago Fire Department spokesman said. A crane would have to upright the derailed cars, he said. A BNSF Railway Co. spokeswoman said the train was departing the company's Corwith Yard when a stacked car derailed on the Archer Avenue bridge. The cause of the derailment, which occurred about 6:40 a.m., is under investigation, she said. The Chicago Transit Authority rerouted its No. 62 Archer buses in both directions via 47th, Lawndale, 51st, Kedzie, and 47th, due to street blockage. Reroutes were no longer in effect by about noon. Source: http://www.chicagotribune.com/news/local/breaking/chi-freight-trainderailment-blocks-metras-heritage-line-20111202,0,4632473.story 14. December 1, The Salt Lake Tribune – (Utah) Winds buffet Utah, toppling trucks, trees, power lines. Hurricane-force winds topping 100 mph in some places ripped through Utah December 1, overturning semi-trailer rigs on Interstate 15, toppling trees and triggering widespread power outages affecting nearly 50,000 homes and businesses. The Utah Highway Patrol reported 16 semis overturned by the wind on the state’s highways December 1, including three on Legacy Parkway and 10 more on Interstate 15 in Davis County, where winds lashed at 102 mph. None of the drivers suffered more than minor injuries. Source: http://www.sltrib.com/sltrib/news/53027231-78/thursday-power-utahogden.html.csp 15. December 1, Amarillo Globe-News – (Texas) Report: Sept. rail car fire caused $1M in damage. A September 16 rail car explosion that sent flames soaring hundreds of feet into the air caused nearly $1 million in equipment and yard damages, according to a recently submitted report by the Burlington Northern Santa Fe (BNSF) rail yard in Texas. The Amarillo Globe-News reported December 1 the fire that forced about 200 people to evacuate homes, businesses, and schools for nearly 3 hours caused about $853,000 in equipment damage, and $93,000 in yard damage. A BNSF spokesman said an employee was operating a remote-control car when one car jumped, causing the car’s connecting device — called a coupler — to puncture a neighboring car loaded with pentane. The impact caused the pentane car to leak and catch fire, he said. BNSF’s report states two locomotives and 26 cars were involved in the accident. Of all the cars, 14 were carrying hazardous material, four were damaged, and one car released the hazardous material. In meetings with city and county officials to discuss response, BNSF officials revealed the cars normally roll at 4 to 5 mph, but the connecting car may have been traveling at about 8 to 9 mph, said the emergency management coordinator for Amarillo and Potter and Randall counties. He said while the response -7- was generally good, it would have helped if authorities had a map of the railyard, including the seven muster stations. Source: http://amarillo.com/news/local-news/2011-12-01/report-sept-fire-caused-1mdamage#.Ttj48VZinus For more stories, see items 1, 4, and 7 [Return to top] Postal and Shipping Sector 16. December 1, Associated Press – (Alabama) Man fires shots in Montgomery post office; no one injured. A gunman armed with several pistols fired off multiple shots at a large mail processing area at Montgomery, Alabama's main post office December 1, but injured no one and was quickly taken into custody, police said. It was unclear how many shots the man fired inside the center that processes mail for Alabama’s capital city. Employees were allowed back in the building at about 8 p.m. About 200 employees work at the post office located in a commercial area of the city, next to Auburn University’s Montgomery campus. Source: http://blog.al.com/wire/2011/12/man_fires_shot_in_montgomery_p.html 17. December 1, WJLA 7 Washington D.C. – (District of Columbia) Postal Service employee robbed, locked in truck. A U.S. Postal Service employee was robbed and locked in his postal truck in the northwest section of Washington D.C. December 1, and inspectors said this is the latest in a string of robberies targeting postal employees over the past few months. Police said the postal worker was on his daily rounds when an armed, masked man demanded cash, money orders, and everything else the man had. The suspect then locked the worker inside the truck and escaped. The worker was freed about 25 minutes later. Source: http://www.wjla.com/articles/2011/12/postal-service-employee-robbed-lockedin-truck-69844.html [Return to top] Agriculture and Food Sector 18. December 2, Food Safety News – (California) E. coli contaminated egg nog recalled. Cal Poly Creamery of San Luis Obispo, California, is recalling its quart-sized bottles of Farmstead Made Eggnog after a sample was found to be contaminated with E. coli, Food Safety News reported December 2. The contamination was noted November 30 after routine testing at the creamery, which is run by California Polytechnic State University, the college reported on its Web site. Production of Cal Poly eggnog has been suspended while the California Department of Food and Agriculture and the Cal Poly Creamery continue their investigation into the cause of the problem. Cal Poly has engaged an independent laboratory to conduct more analysis to determine the specific strain of E. coli present. The recalled product may have been purchased at several California retailers. -8- Source: http://www.foodsafetynews.com/2011/12/e-coli-contaminated-egg-nogrecalled/ 19. December 2, Food Safety News – (Illinois; Missouri) Salmonella test prompts grape tomato recall. Front Row Produce of St. Louis is recalling 10-ounce pint and 10-pound bulk grape tomatoes supplied by Rio Queen Citrus of Mission, Texas, because they may be contaminated with Salmonella, Food Safety News reported December 2. The tomatoes were distributed throughout Missouri and Illinois to food service distributors and retail stores. The contamination was noted after random testing by Rio Queen Citrus revealed the presence of Salmonella in some 20-pound bulk containers. Production of the tomatoes has been suspended while the U.S. Food and Drug Administration and the company continue their investigation into the source of the problem. The recalled tomatoes for retail sale are in a 10-ounce, clear plastic package with a Front Row Produce "Grape Tomatoes" label on the top. Source: http://www.foodsafetynews.com/2011/12/salmonella-test-prompts-to-grapetomato-recall/ [Return to top] Water Sector 20. December 1, Anderson Independent Mail – (South Carolina) Twelve Mile Creek needs more work. Work to restore Twelve Mile Creek after decades of contamination by a Pickens, South Carolina, capacitors plant is far from over, a federal official told Pickens County residents December 1. A U.S. Environmental Protection Agency project manager for the Sangamo Weston Superfund site said his agency intends to test flood plains along a 2-mile stretch of the creek this year for the presence of polychlorinated biphenyls (PCB). He added that by this time next year, his agency will also know the extent of safety concerns that may remain in the waterway. Tests sponsored by the county government and a group of environmental organizations this past spring found PCBs in the creek bed. The former Sangamo Weston capacitors plant in Pickens dumped more than 400,000 pounds of PCBs into Town Creek between 1955 and 1978, the manager said. Town Creek flowed into Twelve Mile, which carried PCBcontaminated sediment to Hartwell Lake. Two dams removed earlier this year, known as Woodside I and Woodside II, blocked Twelve Mile Creek at two spots near the Cateechee community. Their removal was part of an agreement years in the making to restore the creek to its natural flow, a move meant to allow sediments to flow downstream and bury PCBs that had tumbled into Hartwell Lake decades before. The project manager said the vast majority of PCBs that Sangamo Weston dumped into the environment are at the bottom of Hartwell Lake, buried too deep to ever be a concern again. Source: http://www.independentmail.com/news/2011/dec/01/twelve-mile-creek-needsmore-work/ 21. December 1, KUSA 9 Denver – (Colorado) EPA: Benzene levels in creek 400 times that of drinking water standards. An oil leak from a Commerce City, Colorado refinery is spilling a dangerous cancer-causing chemical into a nearby creek. The U.S. -9- Environmental Protection Agency (EPA) said benzene levels in Sand Creek were 400 times the amount for drinking water standards. The partial results are from five samples taken at various locations along the creek near the Suncor Energy plant. The EPA thinks the test results are further proof the leak is a refined gasoline of some type. So far, no public health warnings have been issued, but the EPA is urging people not to drink water in Sand Creek. EPA lab results released December 1 show benzene concentrations ranging from 2,000 parts per billion (ppb) around the location of the seep, and 480 ppb where the creek enters the South Platte River. The national drinking water standard is 5 ppb. Some of the oil got nto the South Platte. Suncor said its 60person emergency response team was able to contain the spill. The Colorado Department of Public Health and Environment (CDPHE) issued a written order demanding Suncor follow orders to have the seep cleaned up by March 1, 2012. The CDPHE said it also is ordering Suncor to perform daily inspections sampling the air inside the nearby Denver Metro Wastewater Treatment Plant as well as the creek. The CDPHE said it is talking to the attorney general about possible enforcement action against Suncor over the incident. Source: http://www.9news.com/news/article/233240/222/EPA-Benzene-levels-increek-400-times-that-of-standards 22. November 30, Associated Press – (Texas) NASA satellites find Texas groundwater at record low, will take months or years to replenish. An historic drought has depleted Texas aquifers to lows rarely seen since 1948, and it could take months — or even years — for groundwater supplies to fully recharge, scientists who study NASA satellite data said November 30. The Associated Press reported that data compiled by NASA satellites combined with information from the University of Nebraska’s National Drought Mitigation Center confirm fears the 14-month drought has significantly hurt aquifers. “We can say with more confidence that yes, the groundwater storage is being reduced,” said a drought center climatologist. Texas has received a little more than 12 inches of rain this year, which is 15.5 inches below normal, a Texas climatologist said. He noted that despite some recent rain, the deficit has actually grown since last month by about an inch. The longer the drought persists, the more the groundwater is depleted — not only because rain is not recharging the aquifers, but also because more people are using that water. As the aquifers are depleted, some people may have to drill deeper wells, scientists said. Some recent rains appear to have improved the soil quality in parts of Texas, but it will take much more to recharge the aquifers. Source: http://www.washingtonpost.com/national/nasa-satellites-find-texasgroundwater-at-record-low-will-take-months-or-years-toreplenish/2011/11/30/gIQAnpDvDO_story.html [Return to top] Public Health and Healthcare Sector Nothing to report [Return to top] - 10 - Government Facilities Sector 23. December 2, KAAL 6 Austin – (Minnesota) Teacher's lab experiment ignites Maple Grove student's face. A teenager remained hospitalized late December 1 after he and three other students were burned during a science experiment at their Maple Grove, Minnesota school earlier in the day. The 15-year-old boy was in the front row of his science class at Maple Grove Junior High School as his teacher performed an experiment with flammable liquids. The boy said he remembered his teacher dropping a match into a jug containing methanol. The next thing he knew, liquid from the jug was on him and it was burning. The other students had less severe injuries, and were treated at an area hospital and released. Source: http://kaaltv.com/article/stories/S2394992.shtml?cat=10728 For another story, see item 1 [Return to top] Emergency Services Sector 24. December 2, Associated Press – (Texas) Three police officers struck, injured trying to clear freeway accidents. Three Dallas, Texas police officers were hurt December 2 while trying to clear two unrelated Interstate 635-area wrecks on a rainy morning. Police said two officers were injured around 2 a.m. when a tractor-trailer rig hit two parked squad cars. Police said both officers were transported to Parkland Memorial Hospital. No details were immediately released on their conditions. The second accident happened around 2:30 a.m. when a stopped patrol car was hit from behind by another vehicle. Police said the squad car's gas tank ruptured, leading to a hazardous materials spill. One officer was transported to Parkland for observation. Source: http://www.ktxs.com/news/29905851/detail.html 25. December 2, WMUR 9 Manchester – (New Hampshire) Ossipee jailbreak prompts massive police search. A massive police search was under way December 1 for an escaped prisoner from the Carroll County House of Corrections in Ossipee, New Hampshire, according to local police. The police chief in neighboring Tamworth said every available police unit, including police from Ossipee, Tamworth, Effingham, Freedom, and state police, were responding. Officials said the escapee was believed to be wearing a gray sweatshirt and gray sweatpants. He was being held while awaiting trial for a burglary offense. Investigators said he was in the jail yard during his 30minute recreation time when he ran away. Police consider him to be dangerous. Officials said he is 5 feet 6 inches tall and weighs 135 pounds. He has hazel eyes and blond or strawberry blond hair. Maine State Police and the York County Sheriff's Department in Maine have joined the search for the inmate. Source: http://www.wmur.com/r/29900314/detail.html 26. December 2, Associated Press – (California) Federal jury indicts San Francisco drug lab tech. A former technician at the San Francisco Police Department’s crime lab has been charged in federal court with skimming cocaine from the lab, an allegation that - 11 - forced its closure and the dismissal of hundreds of drug cases. A federal grand jury indicted the technician December 1 on a felony count of acquiring a controlled substance by subterfuge. Authorities said she took cocaine evidence from the lab while working there in late 2009. State prosecutors declined to file criminal charges against her, saying there was insufficient evidence she was stealing drugs she was supposed to be testing. Her attorney said federal officials are overreaching in claiming jurisdiction over the case. She was convicted of cocaine possession in San Mateo County, where she lives. Source: http://www.salon.com/2011/12/02/federal_jury_indicts_san_francisco_drug_lab_tech/ 27. December 1, KXTV 10 Sacramento – (California) 3 Tuolumne Co. sheriff's patrol cars set on fire. Three Tuolumne County, California Sheriff's Department patrol cars were purposely set on fire December 1, according to the sheriff. A Sonora Union Democrat article stated a deputy at the Yaney Avenue sheriff's administration building heard strange noises in the parking lot at the rear of the building and discovered burning vehicles when he went to investigate. The Sonora Fire Department responded a little after 3 a.m. and extinguished the flames. However, the cars, which cost about $40,000 each, were destroyed, the sheriff said. Once the fire was out, investigators discovered a private vehicle belonging to an unknown person parked between two patrol cars. The sheriff said the fire was intentionally set and he therefore put in calls to state and federal authorities to determine whether this could be considered "an act of terrorism against the department." Agents with the FBI and Bureau of Alcohol, Tobacco, Firearms and Explosives were investigating. Source: http://www.news10.net/news/article/165855/2/3-Tuolomne-Co-Sheriffs-Deptpatrol-cars-set-afire?hpt=ju_bn6 28. December 1, WOAI 4 San Antonio – (Texas) Attempted police department hacking traced to firehouse computer. Bandera County, Texas officials are investigating an attempted hack into the police department's computer files. Officials said the attempted hacking appeared to come from a computer in the Bandera firehouse. Right now, all city departments run off the same server. The city will now consider setting up departments on separate servers to increase security. Bandera officials have not said if any sensitive information was compromised. Source: http://www.woai.com/news/local/story/Attempted-police-department-hackingtraced-to/6MKPv_OiNUCKxol_lwg4Pg.cspx 29. November 30, Federal Computer Week – (National) Disaster drill detrailed by disasters. The federal government’s annual nationwide disaster drill was a victim of Mother Nature this year, as real-world recovery efforts for areas affected by tornadoes and floods took priority over the exercise, according to a new audit. The Federal Emergency Management Agency (FEMA) led the National Level Exercise (NLE) from May 16 to 19 with a simulation of an earthquake in the Midwestern states. The annual drill is mandated by Congress and directed by the White House, with numerous state and local agencies participating as well. However, the weeks leading up to the exercise were "a period of high-disaster activity," with tornadoes and floods affecting the states and the FEMA region involved in the exercise, according to the audit from DHS’s - 12 - acting inspector general. As a result, participation dropped, with four states and one FEMA region canceling their involvement, and the exercise was scaled back as a number of government employees were called to official recovery duties. As those employees left, they were replaced by staffers who came less prepared, the audit states. In addition, two other federal agencies did not participate in the drill or simulate their activities, despite a requirement to do so. It was unclear whether this was due to realworld events or not, the report states. FEMA officials said there would be stronger accountability measures for future drills. Overall, the impact of real-world disasters hampered the play exercise, the auditors concluded. When asked about the effect of real-world events on NLE 2011, a FEMA official said it was "immeasurable." Source: http://fcw.com/articles/2011/11/30/national-level-exercise-audit.aspx For more stories, see items 4 and 15 [Return to top] Information Technology Sector 30. December 2, IDG News Service – (International) Yahoo Messenger flaw enables spamming through other people's status messages. An unpatched Yahoo Messenger vulnerability that allows attackers to change people's status messages and possibly perform other unauthorized actions can be exploited to spam malicious links to a large number of users, IDG News Service reported December 2. The vulnerability was discovered in the wild by security researchers from antivirus vendor BitDefender while investigating a customer's report about unusual Yahoo Messenger behavior. The flaw appears to be located in the application's file transfer API (application programming interface) and allows attackers to send malformed requests that result in the execution of commands without any interaction from victims. Source: http://www.computerworld.com/s/article/9222360/Yahoo_Messenger_flaw_enables_sp amming_through_other_people_s_status_messages?taxonomyId=17 31. December 2, Softpedia – (International) Cutwail botnet expands via Facebook notification spam. Security experts noticed the botnet known as Pushdo or Cutwail, that has been making rounds since 2007, is now launching a spam campaign in search of new devices to infect, Softpedia reported December 2. Airline ticket orders, ACH alerts, Facebook notifications, or even e-mails that claim to represent scanned documents can actually hide malicious links that redirect users to malware hosted on various Web locations, M86 Security Labs reported. The most dangerous variant is the one that replicates a Facebook friend request. The e-mail only contains the name of a user and two links, Confirm Friend Request, and See all Requests. When one of the links is selected, the victim is taken to a rogue Web site that hosts malicious code. The phony messages that claim an airplane ticket was purchased using the recipient’s credit card are also utilized in this spam campaign. Again, when the More details link is clicked, the user is taken to another malevolent site. The number of malicious sites is very large and security solutions providers have a hard time making sure their products block all of them. In some cases, the sites may even be legitimate, but forcefully taken - 13 - over by the cybercriminals and plagued with the same pieces of malware. None of the e-mails contains attachments. Instead, they all contain a link that points to a malware infested site. Source: http://news.softpedia.com/news/Cutwail-Botnet-Expands-Via-FacebookNotification-Spam-238075.shtml 32. December 1, Computerworld – (International) AT&T, Sprint confirm use of Carrier IQ software on handsets. AT&T, Sprint, HTC, and Samsung confirmed December 1 their mobile phones integrate a controversial piece of tracking software from a company called Carrier IQ. Wireless carriers AT&T and Sprint insisted the software is being used solely to improve wireless network performance, while phone makers HTC and Samsung said they were integrating the software into their handsets only because their carrier customers were asking for it. Meanwhile, several large carriers and handset makers, including Verizon, Research In Motion, and Nokia, distanced themselves from the software and insisted that reports about their devices integrating the tool are false. The controversy began the week of November 21 when an independent security researcher published a report disclosing how Carrier IQ's software could be used by carriers and device makers to conduct surreptitious and highly intrusive tracking of Android and other smartphone users. Source: http://www.computerworld.com/s/article/9222319/AT_T_Sprint_confirm_use_of_Carri er_IQ_software_on_handsets?taxonomyId=17 33. December 1, Infosecurity – (International) One-quarter of firms hit by cybercrime, survey finds. Nearly a quarter of organizations around the world were victims of cybercrime in the last 12 months, according to PricewaterhouseCooper’s (PwC) 2011 Global Economic Crime Survey. Cybercrime now ranks as one of the top four economic crimes, according to the survey. The perception of cybercrime as a predominantly external threat is changing, and organizations are now recognizing the risk of cybercrime coming from inside as well. PwC surveyed 3,877 respondents from 78 countries for its annual economic crime survey. The director of PwC’s UK cyber and information security practice noted that 40 percent of the organizations surveyed cited damage to reputation as a major concern from cybercrime, and this concern is triggering increased spending on preventative measures. Respondents said the IT department was the most likely source of cybercrime internally. IT was cited by 53 percent of respondents, followed by operations (39 percent), sales and marketing (34 percent), and finance (33 percent). While half of all respondents noted increased awareness of the cybercrime threat, the majority of respondents said they do not have a cybercrime crisis response plan in place or are not aware of having one. Sixty percent said their organization does not monitor social media sites. Source: http://www.infosecurity-magazine.com/view/22389/onequarter-of-firms-hitby-cybercrime-survey-finds/ 34. November 30, Infosecurity – (International) Trusteer warns that cybercriminals are moving into fresh one-stop crime areas. Research published November 30 by Trusteer claims to show cybercriminals have widened the services they provide as a one-stop-shop to third-party fraudsters. According to the in-browser security - 14 - specialist’s chief technology officer, these one-stop shops are where criminals can buy everything they need to meet demand from fraudsters. Trusteer has come across a new fraud group that — as well as offering infection services for prices between 0.5 and 4.5 cents for each upload, depending on geography — also provides polymorphic encryption, and AV checkers. This new one-stop-shop approach for malicious services, he asserts, is a natural evolution of the market: if the customers need to infect, then they also need to evade AV. For polymorphic encryption of malware, he said, the fraudsters are charging from $25 to $50 — and for prevention of malware detection by anti-virus systems (AV checking) they charge $20 for 1 week, and $100 for 1 month of service. The chief technology officer said it is now a buyer’s market, with his firm’s research operation having also come across advertisements published by prospective buyers of infection services. The ad, he noted, basically presets the buying price, how it is charged, and the scope of the service, with the advertiser only paying for unique uploads, with the price calculations being conducted according to the advertiser's own Black Hole exploit kit stats module. In addition, Trusteer said the advertiser will pay in advance to the sellers with recommendations, that is, those that have 1-10 "fresh" forum messages, otherwise the sellers are paid afterwards. Source: http://www.infosecurity-magazine.com/view/22355/trusteer-warns-thatcybercriminals-are-moving-into-fresh-onestop-crime-areas/ Internet Alert Dashboard To report cyber infrastructure incidents or to request information, please contact US-CERT at sos@us-cert.gov or visit their Web site: http://www.us-cert.gov Information on IT information sharing and analysis can be found at the IT ISAC (Information Sharing and Analysis Center) Web site: https://www.it-isac.org [Return to top] Communications Sector 35. December 1, Examiner.com – (California) Metal thieves take KVCR-TV off the air. A metal theft at a Riverside County, California mountaintop antenna site knocked KVCR 24 San Bernadino off the air until repairs are completed. The theft was the second incident since the weekend of November 26 and 27. Both thefts hit the station’s remote-controlled transmitter on Box Springs Mountain that overlooks Moreno Valley, and the San Bernardino Valley. The station president said December 1, "The cost of the repairs will exceed ⦠$20,000," and added, 'We hope to be back up by this evening." The initial theft damaged three air conditioners and a transmitter cooling system that was not in use. The station was able to continue broadcasting after the first incident. But in the November 30 incident, the thieves damaged the remaining cooling system for the TV transmitter, which caused an automatic shutdown to prevent major transmitter damage. "They had to have a big truck the second time, because they took the coolant assembly. It’s like a (vehicle) radiator, and it’s full of copper tubing," the station president said. The KVCR site is protected primarily by a locked gate across the access road. There was no obvious damage to the gate or the locks, he said. But many - 15 - people have access to the mountaintop because it also serves as an antenna site for Riverside County government agencies and several broadcast companies, he said. KVCR has almost 1 million viewers and its antenna shoots a broadcast signal as far as Catalina Island. The thefts did not affect KVCR’s FM radio station, nor its six microwave dishes also located at the site. "We’ll have a security system in place before the weekend is out," the station president said. He also said it would include surveillance cameras. Source: http://www.examiner.com/city-buzz-in-riverside/metal-thieves-take-kvcr-tvoff-the-air For another story, see item 32 [Return to top] Commercial Facilities Sector 36. December 2, Baltimore Sun – (Maryland) Baltimore County man pleads guilty to hoarding explosives. Police in Baltimore County, Maryland, who investigated a man who shot a child in the leg with a pellet gun in February found a pile of guns, ammunition, bombs, fuses, and metal pipes when they searched the man's apartment, the Baltimore Sun reported December 2. The man pleaded guilty in federal court December 1 to possession of firearms and explosives, and faces up to 20 years in prison when he is sentenced March 1. Police said they found the following items in his apartment: the BB gun used in the assault, a loaded 9mm handgun, a 12-gauge shotgun, 3 boxes of ammunition, handcuffs, brass knuckles, other BB guns and airsoft pistols, and a stun gun. Police also observed "several improvised explosive devices, including: C-4 explosive material; and a clear plastic container with gray powder and a M-800 pyrotechnic device inside, secured with a white lid with a burnt hole in the center." Authorities searched the apartment a second time and said they found "items commonly used in the production of illegal improvised explosives, including, among other things: containers of potassium nitrate and potassium chlorate, smokeless shotgun powder, model rocket igniters and motors, pool chemicals, various fuse materials, PVC and metal pipe of varying lengths and pipe fittings." Source: http://weblogs.baltimoresun.com/news/crime/blog/2011/12/baltimore_county_man_ple ads_gu.html 37. December 2, KDVR 31 Dever – (Colorado) Fire destroys Jehova's Witnesses church. Fire destroyed a Kingdom Hall of Jehovah's Witnesses church in Aurora, Colorado, December 2. A firefighter on the scene said a motorist noticed smoke coming from the building and called 911. There was not much damage visible from the outside of the building, but firefighters said the inside is a total loss. They were still mopping up more than 3 hours after the fire started. Arson investigators were called as part of normal practice. It was too early in the investigation to know what started the fire. Source: http://www.kdvr.com/news/kdvr-fire-destroys-jehovas-witnesses-church- - 16 - 20111202,0,1010811.story?track=rss&utm_source=feedburner&utm_medium=feed&ut m_campaign=Feed:+kdvr-news+(KDVR+-+Local+News) 38. December 2, WTAE 4 Pittsburgh – (Pennsylvania) Gas leak forces seniors into cold. Residents of a West Deer, Pennsylvania apartment building were forced into the cold because of a gas leak December 2. Residents reported a smell of gas at the West Deer Senior High Rise. Dozens of residents were evacuated from their apartments and into a bus to stay warm. Gas company workers discovered a pilot light on one of the building's boilers had gone out during an overnight power outage. The building's residents waited for close to 2 hours on the bus before being allowed back inside their apartments. Source: http://www.wtae.com/r/29905286/detail.html 39. December 1, Astoria Daily Astorian – (Oregon) State bomb squad disarms pipe bomb in Gearhart. Oregon State Police diffused a pipe bomb found in a parking lot in an industrial park in Gearhart December 1. The pipe bomb was a plastic pipe 6 to 8 inches long and 1.5 to 2 inches in diameter, said the president of Pacific Alarm Systems, which is located in the park. The bomb had capped ends, with a hole drilled through one end, and a fuse running from the hole. The Gearhart police chief said the bomb contained powder similar to that found in a firecracker. He said the powder would explode if put under pressure. The contents of a storage unit on the property had been auctioned off recently, and the bomb may have come from that unit. Squad members placed the bomb on a grassy area and sprayed it with a water jet with pressure hard enough to break the pipe and dilute the powder. Source: http://www.dailyastorian.com/free/state-bomb-squad-disarms-pipe-bomb-ingearhart/article_6c169440-1c77-11e1-81d3-0019bb2963f4.html For more stories, see items 4 and 41 [Return to top] National Monuments and Icons Sector Nothing to report [Return to top] Dams Sector 40. December 2, Associated Press – (South Dakota) Flood-weary residents wary of Corps plan to flush sediment out of Lewis and Clark Lake. Flood-weary residents are expressing dismay about a U.S. Army Corps of Engineers plan to bump up Missouri River releases to flush sediment out of Lewis and Clark Lake above Gavins Point Dam, near Yankton, South Dakota. The Yankton Press and Dakotan reported that about 200 people attended a meeting November 30 in which the Corps discussed its sediment study. Yankton residents suggested the Corps reconsider upping its releases to 176,000 cubic feet per second. The Corps hydrologic engineering branch chief said the - 17 - sediment study was not connected to this summer's flooding, and the agency did not have the opportunity to take advantage of the historic releases to lower the lake. Source: http://www.therepublic.com/view/story/a04c76d089a14b8c97aff8bc73941850/SD-Corps-Sediment-Study/ 41. December 1, Riverside Press-Enterprise – (California) Environmental report on seismic repairs to dam approved. State water officials adopted the final environmental impact report on seismic repairs to the dam at Lake Perris near Riverside, California. Work is expected to begin in 2014. A 2005 study by state engineers found that the earthen dam would crumble during a 7.5-magnitude earthquake and could release billions of gallons of water across western Riverside County, from Lakeview to the Prado Dam near Corona. After that, the lake was dropped 25 feet, reducing the number of boats that could use it until the work is completed. Engineers from the department of water resources plan to inject cement and soil into the dam’s foundation and build a berm on top. The outlet tower also will be replaced, according to the document made public December 1. All but the lake’s north shore will be closed until construction is finished in 2015. According to one estimate, repairs are predicted to cost as much as $300 million. Source: http://www.pe.com/local-news/breaking-news-headlines/20111202-perrisenvironmental-report-on-seismic-repairs-to-dam-approved.ece [Return to top] - 18 - DHS Daily Open Source Infrastructure Report Contact Information About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/iaipdailyreport Contact Information Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS Daily Report Team at (703)387-2267 Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes. Removal from Distribution List: Send mail to support@govdelivery.com. Contact DHS To report physical infrastructure incidents or to request information, please contact the National Infrastructure Coordinating Center at nicc@dhs.gov or (202) 282-9201. To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or visit their Web page at www.us-cert.gov. Department of Homeland Security Disclaimer The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material. - 19 -
